safe and satisfied: a new equilibriumSecurity First and Foremost
With the use of mobile devices being at an all-time high and mobile digital media outpacing desktop computer usage, any business that isn't using mobile devices to reach its consumers is making very poor business decisions. However, reaching the customers is not enough - once reached, they must feel safe using your services and products.
As Safe as a Safe
When it comes
to banking, security has always been a vital factor for both attracting new
customers and ensuring existing ones have a great degree of satisfaction and
trust. With technology advancing in leaps and bounds, so have the threats and
risks connected to it increased. In the world of banking this has meant taking
on an onslaught of malware, corrupted apps, flawed authentication, lost or
stolen devices and all kinds of IT-related fraud.
Security risks related to banking apps are various and threats may come from some quite unexpected places. These risks include malware specifically targeting mobile devices, which can be hidden in both ads and apps and is notoriously difficult to guard and fight against. Apps themselves may also be vulnerable to exploits, especially if other apps (e.g. a shopping app) are able to access your banking app for login information (i.e. username and password). And even free wi-fi, something we've come to take for granted in public places, can be used to breach security: all fraudsters have to do is create a wi-fi hotspot and trick you into using it (e.g. by giving it a name similar to a hotspot you'd normally use) - and free wi-fi also exposes you to packet sniffers, which collect your banking details and your personal information (name, address or phone number).
PODCAST: FRAUD TRENDS
Find out more about the current fraud affairs in the cyberspace and payment industry and how Mercury Processing Services International deals with them from Jelena Kolega, Head of Fraud Intelligence Products Department.
Staying on Top of Security
While bank's customers may be the target of most security threats, banks and financial institutions themselves are not safe either. Developments such as device fingerprinting and remote deposit capture have both improved customer experience and increased security, but they are still not foolproof.
Device fingerprinting means collecting information about the device, which is then stored in a bank’s system to distinguish the true customer from a potential fraudster; while remote deposit capture allows for users to snap a picture of a paper check on their mobile device and deposit a check electronically, thus eliminating trips to the bank. There are rigid customer agreements and monitoring in place for these services, but even these measures can be circumvented so it's vital that banks always stay on top of newest security developments.
Staying on top in this context, means not being controlled by the fear that the work of a bank's security team will greatly slow down market plans, and allowing the security team to be involved at the early stages of the app or service development process - this way, many risks can be identified and mitigated even before they become an actual problem or threat.
Fast Changes and Biometrics
With the current pace of technological development, changes in safety and security are coming in faster and faster and standards are rushing to meet them. One such change is biometrics, which is expected to become commonplace as early as 2019, due to both tech-savviness of the average banking customer and their desire for a simple and smooth user experience.
But what is biometrics and how will it change the game with regards to banking security? Well, in essence, biometrics is a method of personal identification based on unique biological patterns on and in a customer's body: iris and retina inside eyes, fingerprints, vein pattern beneath the skin, facial pattern, DNA sequence, voice print, gait, typing rhythm, etc. By using technology to analyze these patterns, a bank's systems (e.g. online or mobile banking) can automatically recognize and verify a customer's identity and allow them access.
Biometrics are the next step in security for several reasons. Firstly, passwords are increasingly losing their reliability. A staggering percentage of security breaches are caused by stolen passwords since many customers pick insecure (i.e. predictable) passwords and so become easy pray for hackers. Secondly, customers themselves have high concerns regarding the security of their mobile banking apps and would view biometric authentication as proof of high security standards.
Biometrics are already being embraced by major players - Wells Fargo's mobile banking apps feature eye-scanning technology, Citigroup has deployed voice authentication, and Bank of America is making good use of fingerprint scanners.
Biometrics, however, are not flawless and there are some limitations to the practical application: face recognition depends on the light conditions, fingerprint authentication may not work in case of a finger injury, an illness or noise may affect voice recognition, colored contact lenses may prevent iris scans. But even without 100% effectiveness, biometrics are still far more effective than passwords alone which is why there is an increase in instances of two-step authorizations, i.e. banks using biometrics in conjunction with passwords - for example, a biometric scan will allow you access to your banking app, but a password is required to initiate a digital money transfer.
The Machine Will Learn
And finally, the need for security is no longer imaginable without machine learning and AI, which are not only already watching financial traffic to detect fraud but are now also searching the web to gather knowledge on how to fight against it. Since computers can now not only read digits or text but also understand the context, they can predict a user’s behavior.
By using both
historical and live data to create patterns for a customers’ behavior, computers
can now detect suspicious transactions and also make accurate fraud
predictions. What happens is this: the system creates deep profiles of
customers based on gathered data, integrating historical data with streaming
information, and analyses it in real-time to make the most accurate predictions
and prevent fraud attempts. It also learns from every transaction, which means
its accuracy will greatly increase over time.
It's extremely useful with multi-channel payments (e.g. when your customers pay both on your website and via mobile apps) and it allows a look at more granular information a human analyst might miss when checking transactions manually.
Yes, sometimes genuine orders may be rejected because they aren’t tailored to the typical behavior pattern, but while machine learning isn’t perfect it can still solve many problems and is one of the best methods for increasing both your customer base and customer satisfaction.
PODCAST: SECURITY MEASURES
Learn more about security measures at Mercury Processing Services International from Vinko Zlomislić, Information security expert.